Use of LVS algorithms, models, and ipvsadm tools

I. Introduction

Ipvsadm is a tool for adding rules to the ipvs module. It does not provide any ipvs function, similar to iptables.

Ii. Algorithms

Static

1. round-robin (RR) sends messages in turn

2. weighted-round-robin (WRR) weighted round-robin Transmission

3. destination-hash: Create a hash table for the target ip address in the request and distribute the request based on the table and the backend RS status.

4. source-hash creates a hash table for the source IP address in the request. RS is allocated for subsequent requests for persistent connections.

Dynamic

1. The least-connection (LC) active * 256 + inactiv

2. weighted-least-connection (active * 256 + inactiv)/weight

3. shortest-benchmark CT-delay (active + 1) * 256/weight

4. Upgrade version of no-queue sed without queuing. If there is idle RS, it will be allocated directly.

5. Locality-Based Least Connections (dh + lc) is used for cache servers to maintain the ing between one host and one server.

6. Locality-Based Least Connections with lblc optimized by Replication, maintain the ing between a host and a group of servers

Iii. Use ipvsadm

1. Related Parameters

Ipvsadm-A | E-t | u | f service-address [-s scheduler] [-p [timeout] [-O] [-M netmask]

-A: add the lvs Service

-E Edit

-T: tcp

-U: udp

-F: firewall mark

Service-address: VIP: PORT

-S: schedule Scheduling Algorithm

-P: persistant persistent connection

-O: Only applicable to udp protocol, fixed by switching the client port

-M: netmask indicates the granularity for the client to maintain persistent connections.

Ipvsadm-D-t | u | f service-address

-D: Delete

Ipvsadm-a | e-t | u | f service-address-r server-address [-g | I | m] [-w weight] [-x upper] [-y lower]

-A: add

-E: Edit

-R: realserver-ip

-G: DR Model

-I: TUN Model

-M: NAT Model

-W: Weight

-X: Maximum number of connections allowed by RS

-Y: Minimum number of connections allowed by RS

Ipvsadm-d-t | u | f service-address-r server-address

-D Delete

# Service ipvsadm save -->/etc/sysconfig/ipvsadm save rules to the default file

# Ipvsadm-S>/path/to/file

# Ipvsadm-R </path/to/file

# Define SADM-C clearing rules

# Ipvsadm-Z counters return to zero

# Ipvsadm-L |-l view -- rate -- stats -- timeout

# Enable forwarding echo 1>/proc/sys/net/ipv4/ip_forward

2. Create a NAT

#ipvsadm -A -t 172.16.0.10:80 -s rr#ipvsadm -a -t 172.16.0.10:80 -r 192.168.0.1 -m#ipvsadm -a -t 172.16.0.10:80 -r 192.168.0.2 -m

3. Create a DR

#ipvsadm -A -t 172.16.100.10:80 -s lc#ipvsadm -a -t 172.16.100.10:80 -r 192.168.0.1 -g -w 2#ipvsadm -a -t 172.16.100.10:80 -r 192.168.0.2 -g -w 3

Add kernel parameters to RS respectively

# Echo 1>/proc/sys/net/ipv4/conf/lo/arp_ignore (ignore arp) # echo 2>/proc/sys/net/ipv4/conf/lo/arp_announce (arp not Reported) # echo 1>/proc/sys/net/ipv4/conf/all/arp_ignore # echo 2>/proc/sys/net/ipv4/conf/all/arp_announce

Bind a VIP to lo

#ifconfig lo:0 172.16.100.10 broadcast 172.16.100.10 netmask 255.255.255.255 up

Add a route

# route　add -host 172.16.100.10 dev lo:0

4. Establish a firewall-based persistent connection

Port affinity

Persistent port connection

Persistent client connection

Mark all connections with ports 443 and 80 with the same code

#iptables -t mangle -A PREROUTING -p tcp -d $VIP --dport 80 -j MARK --set-mark 9#iptables -t mangle -A PREROUTING -p tcp -d $VI　--dport 443 -j MARK --set-mark 9

Create fwm-based ipvs rules and add two RS

# ipvsadm -A -f 9 -s rr -p# ipvsadm -a -f 9 -r 172.16.0.1 -g# ipvsadm -a -f 9 -r 172.16.0.2 -g